Abstract: The internet has used widely by the users to handle sensitive data like credit card id, account id and pan number. Many scripting attacks like Cross Site Scripting (XSS), parameter tampering and buffer over flow attacks are targeted to the sensitive data. This XSS attacks are executed by the user’s interface. These attacks can be used to run malicious code on or steal personal information in web. The XSS attacks are challenging issue for the internet user because it is easily generated by the attacker but very tough to prevent it from an input filter because of its lacking techniques in the existing systems. In this study, new filtering policy has been proposed for detecting and filtering attacks. The system has been implemented with intermediary services to segregate the untrusted data and trusted data from the input. The proposed XSS filter tested with all possible attacks for verifying the robustness of filtering policy. The results show that the proposed filtering policy is very strong to refine the malicious SOAP message which contains attacks such as XSS. Researchers demonstrated the implementation and accuracy of the approach through extended testing using real-world cross-site scripting exploits.
E. Uma and A. Kannan, 2014. Automatic Prevention of Cross Site Scripting Attacks Using Intermediary Filter for Web Services. International Journal of Soft Computing, 9: 280-284.